Source: Ars Technica Security RSS

Oct 05, 2016

(credit: David Ramos/Bloomberg via Getty Images)
According to a new report by Reuters citing anonymous former employees, in 2015, Yahoo covertly built a secret “custom software program to search all of its customers' incoming emails for specific information.”
Reuters noted that Yahoo “complied with a classified US government directive, scanning hundreds of millions of Yahoo Mail accounts at ...

Source: Ars Technica Security RSS

Oct 05, 2016

Enlarge / Reduce, reuse, recycle those hacks. (credit: Ildar Sagdejev )
WikiLeaks celebrated its tenth anniversary on Tuesday by teasing a release of documents that would damage presidential candidate Hillary Clinton. But when Julian Assange failed to release anything new, the individual who refers to himself as Guccifer 2.0 posted what he claimed were files from the Clinton Foundation's ser...

Source: Veracode.com

Oct 04, 2016

Much has been written about Apple's official stance against giving law enforcement an encryption backdoors into its customers' files. And Apple's firm position against a backdoor has been painted as a marketing decision, as it gives people a really good reason to buy Apple devices instead of Android or something else.
On top of that reality is the argument that a backdoor isn't even in law enf...

Source: Veracode.com

Oct 04, 2016

In a shocking announcement last month, Yahoo confirmed that data on 500 million user accounts was compromised in 2014, the largest data breach in history. Could it also become the most expensive?"
Yahoo is in the final phases of a deal with Verizon to sell itself to the telecom giant for a mind-boggling sum of $4.8 billion. The breach bombshell can’t have gone over well in Verizon corporate he...

Source: Veracode.com

Oct 04, 2016

Whenever there is a merger or acquisition of a technology company, there is uncertainty about the future of products offered by either company. What is the new strategy? Will the solution I purchased continue to be supported, or even exist? Now that the technological and business ramifications of Micro Focus’ intent to merge with Hewlett-Packard Enterprise’s software business segment have had ...

Source: Veracode.com

Oct 04, 2016

Veracode’s mission is to secure the software that powers the world. And one of the most interesting parts of working here, is that in order to achieve that goal, we get to learn about the entire spectrum of computing technologies. I think of enterprise software landscapes as similar to evolutionary biology. There are generations and generations of different technologies all coexisting toge...

Source: Ars Technica Security RSS

Oct 04, 2016

Enlarge / EMC Unisphere apparently had holes as big as the ones in the Unisphere at Flushing Meadows.
Digital Defense announced today that it privately revealed a set of five zero-day vulnerabilities in Dell EMC's vApp Manager for Unisphere for VMAX, a Web application used to manage all of EMC's storage platforms. The flaws would allow an attacker with access to the network storage devices ...

Source: Ars Technica Security RSS

Oct 04, 2016

A major battle is underway for control over hundreds of millions of network-connected digital video recorders, cameras, and other so-called Internet of Things devices. As Ars has chronicled over the past two weeks, hackers are corralling them into networks that are menacing the security news site KrebsOnSecurity and other Web destinations with some of the biggest distributed denial-of-service...